May 12 – 13, 2019
Shangri-La Bangkok
Asia/Bangkok timezone

A Story on Unsupported DNSSEC Algorithms

May 12, 2019, 2:30 PM
Ballroom 1 (Shangri-La Bangkok)

Ballroom 1

Shangri-La Bangkok

89 ซอย Wat Suan Plu - Dumex, Khwaeng Bang Rak, Khet Bang Rak, Krung Thep Maha Nakhon 10500, Thailand
Standard Presentation Public Workshop


Mr Matthijs Mekking (ISC)


RFC 6944 provides an applicability statement on algorithm implementation status for DNSSEC component software. ince its publication new DNSSEC algorithms have arrived and recommendations on existing algorithms have changed. The IETF document draft-ietf-dnsop-algorithm-update plans to obsolete RFC 6944.

DNS vendors are actively following the new implementation requirements. Can we expect issues when a server has removed support for a certain algorithm when another server is still actively using it?

This presentation covers the expected and observed behavior of DNS servers when interacting with DNSSEC unsupported algorithms.

Talk Duration 30 Minutes

Primary author

Mr Matthijs Mekking (ISC)

Presentation materials